Closed lessfoobar closed 2 years ago
@richm I'm trying to build the test for the nbde_server and the firewall fact gathering is not working. Could you have a look ?
@richm I'm trying to build the test for the nbde_server and the firewall fact gathering is not working. Could you have a look ?
Looks like the controller node is fedora-35 - what is the managed node (the 192.168.88.100 machine) - is it also fedora-35? Looks like you are using the fedora-35 rpm package linux-system-roles version.
@lessfoobar I see - you are using version 1.20.2 but the firewall facts feature wasn't added until 1.21 - https://src.fedoraproject.org/rpms/linux-system-roles/c/22738ef99be4e393e8e783f1f642080240eb12ea?branch=rawhide 1.21 is currenly in Testing - https://bodhi.fedoraproject.org/updates/FEDORA-2022-6bac5823de - if you like, try it out and give it some positive karma and it may be released to Stable sooner In the meantime, you could install collection from Galaxy https://galaxy.ansible.com/fedora/linux_system_roles (version 1.26.1 - I know it's confusing that the versions aren't in sync . . .)
The problem is when I try to use the ansible-galaxy fedora.linux-system-roles collections, every time I put them in a playbook it is searching for the role path not the collection path and the new roles are in ~/.ansible/collections/ansible_collections/fedora/linux_system_roles/
maybe I need to put some symlincs to ~/.ansible/roles/
The problem is when I try to use the ansible-galaxy fedora.linux-system-roles collections, every time I put them in a playbook it is searching for the role path not the collection path and the new roles are in
~/.ansible/collections/ansible_collections/fedora/linux_system_roles/
maybe I need to put some symlincs to~/.ansible/roles/
I'm not sure what you mean. Can you give me an example - playbook, cli, output?
when you install the linux-system-roles
package, the roles are installed in /usr/share/linux-system-roles
and shortcuts to each role are being created in /usr/share/ansible/roles
.
in playbook when you refer to the role as example firewall:
the role-path is searched. The default paths in ansible.cfg are:
./roles ~/.ansible/roles /etc/ansible/roles /usr/share/ansible/roles
However, when you download the fedora.linux-system-roles from ansible-galaxy
they are saved in:
/usr/share/ansible/collections ./collections/ansible_collections/fedora/linux_system_roles/ ~/.ansible/collections/ansible_collections/fedora/linux_system_roles/
those are collection paths and no shortcuts to the roles paths are being created. Thus when you have both the package and the collections, the package always takes precedence over the latest collections, because it is in the right path.
when you install the
linux-system-roles
package, the roles are installed in/usr/share/linux-system-roles
and shortcuts to each role are being created in/usr/share/ansible/roles
. in playbook when you refer to the role as example firewall:* linux-system-roles.firewall
the role-path is searched. The default paths in ansible.cfg are:
./roles ~/.ansible/roles /etc/ansible/roles /usr/share/ansible/roles
However, when you download the
fedora.linux-system-roles from ansible-galaxy
they are saved in:
Why download the fedora.linux_system_roles collection from galaxy if you already have the Fedora linux-system-roles RPM package installed? The RPM package includes both the roles in legacy role format installed in /usr/share/ansible/roles AND the fedora.linux_system_roles collection installed in /usr/share/ansible/collections.
/usr/share/ansible/collections ./collections/ansible_collections/fedora/linux_system_roles/ ~/.ansible/collections/ansible_collections/fedora/linux_system_roles/
those are collection paths and no shortcuts to the roles paths are being created. Thus when you have both the package and the collections, the package always takes precedence over the latest collections, because it is in the right path.
The solution was that I was referring to the role as: name: linux_system_role.firewall which is wrong and the correct one should be: name: fedora.linux_system_roles.firewall
The solution was that I was referring to the role as: name: linux-system-role.firewall which is wrong and the correct one should be: name: fedora.linux-system-roles.firewall
you probably mean fedora.linux_systemroles.firewall - a collection name cannot have the -
(dash) character, so we normally use the `` (underscore) in collection names.
yeah typo again, will edit to fix it
What happened: TASK [linux-system-roles.firewall : Configure firewall] ****
failed: [192.168.88.100] (item={'detailed': True}) => {"ansible_loop_var": "item", "changed": false, "item": {"detailed": true}, "msg": "One of service, port, source_port, forward_port, masquerade, rich_rule, source, interface, icmp_block, icmp_block_inversion, target, zone or set_default_zone needs to be set"}
What you expected to happen: To get a detailed view of my firewall facts
How to reproduce it (as minimally and precisely as possible):
Anything else we need to know?:
Environment:
dnf info firewalld
or commit hash if developing from gitgit log -n1 --format=format:"%H"
): firewalld-1.0.5-2.fc35.src.rpmcat /etc/firewalld/firewalld.conf | grep FirewallBackend
): FirewallBackend= nftablesansible --version
): ansible [core 2.12.7]ansible-galaxy list | grep linux-system-roles.firewall
or commit hash if developing from gitgit log -n1 --format=format:"%H"
): linux-system-roles-1.20.2-1.fc35.noarch - linux-system-roles.firewall, (unknown version)cat /etc/os-release
): Fedora Linux 35 (KDE Plasma)